Soma Capital Portfolio Jobs

Staff Corporate Security Engineer



San Francisco, CA, USA
Posted on Wednesday, October 18, 2023
About Rippling
Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system.
Take onboarding, for example. With Rippling, you can hire a new employee anywhere in the world and set up their payroll, corporate card, computer, benefits, and even third-party apps like Slack and Microsoft 365—all within 90 seconds.
Based in San Francisco, CA, Rippling has raised $1.2B from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America's best startup employers by Forbes.

About the job

We are establishing a brand new Corporate Security Engineering team at Rippling.  As a founding member of this team you will help us build a world class corporate security function, drive process improvement and develop an open culture where we grow from our mistakes as an organization. In this role, you will also build the tools and infrastructure that we need to scale our corporate security capabilities across all systems, building paved paths and enabling the broader organization to move quickly. 

What You’ll Do

  • Drive security initiatives such as endpoint hardening, vulnerability management of corporate systems, corporate access controls and authentication systems. 

  • Define and implement robust processes for user management provisioning, ensuring proper RBAC across third parties. 

  • Bootstrap Data Loss Prevention (DLP) initiatives, and improve the posture of data security at Rippling. 

  • Provide security expertise and guidance to our Rippling Devices and Identity teams, helping them prioritize corporate security initiatives such as Zero Trust authentication & authorization, and device health. 

  • Team up with infrastructure security and detection and response teams to provide an unified view of our security posture via relevant metrics. 

  • Partner with our detection and response team to write actionable detections for corporate endpoints that do not lead to alert fatigue. 

  • Respond to security incidents and events impacting corporate systems. 

  • Partner closely with Rippling IT Cloud and other internal teams to balance business needs with appropriate security. 

  • Evangelize and implement security best practices through education, automation, and tooling.

What We’re Looking For

  • 8+ years of full-time experience as a security engineer. 

  • Deep expertise in macOS and Windows system internals and hardening.

  • Experience with identity integration through federated management, SSO, SAML, & SCIM.

  • Experience rolling out Zero Trust architectures. 

  • Familiarity with AWS, GCP, or other cloud environments and their security best practices.

  • Familiarity with DLP tools, and scaling them across cloud and SaaS environments

  • Experience developing tools and automation using common DevOps toolsets and programming languages that would help “automate yourself out of the job”.

  • Ability to drive cross functional projects independently. 

  • Strong communication skills to socialize security guidance across functional teams in an empathetic manner.

Additional Information